CVE-2023-0286
Description
There is a type confusion vulnerability relating to X.400 address processinginside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING butthe public structure definition for GENERAL_NAME incorrectly specified the typeof the x400Address field as ASN1_TYPE. This field is subsequently interpreted bythe OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than anASN1_STRING.When CRL checking is enabled (i.e. the application sets theX509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to passarbitrary pointers to a memcmp call, enabling them to read memory contents orenact a denial of service. In most cases, the attack requires the attacker toprovide both the certificate chain and CRL, neither of which need to have avalid signature. If the attacker only controls one of these inputs, the otherinput must already contain an X.400 address as a CRL distribution point, whichis uncommon. As such, this vulnerability is most likely to only affectapplications which have implemented their own functionality for retrieving CRLsover a network.
Risk Information
Base Score
7.4
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
88.474
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are fixed in OpenSSL 3.0.8 | Windows |
| Multiple vulnerabilities are fixed in OpenSSL (64-bit) 3.0.8 | Windows |
| Multiple vulnerabilities are fixed in OpenSSL (MSI)(x64) 3.0.8 | Windows |
| Multiple vulnerabilities are fixed in OpenSSL (MSI)(x86) 3.0.8 | Windows |
| Multiple Vulnerabilities are affected in IBM Aspera Shares 1.10.0 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.2.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Analytics 12.0.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 20.0.0.2 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.59 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.60 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.5 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 19.0.0.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 21.0.3.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 22.0.2 | Windows |
| Multiple Vulnerabilities are affected in IBM App Connect Enterprise 12.0.8.0 | Windows |
| Multiple Vulnerabilities are affected in IBM App Connect Enterprise 11.0.0.20 | Windows |
| Vulnerabilities CVE-2023-0286,CVE-2023-23931 are fixed in Python-cryptography 39.0.1 | Windows |
| Multiple vulnerabilities are fixed in OpenSSL Light 3.0.8 | Windows |
| Multiple vulnerabilities are fixed in OpenSSL Light (x64) 3.0.8 | Windows |
| Multiple vulnerabilities are fixed in OpenSSL Library 3.0.8 | Windows |
| Multiple vulnerabilities are fixed in OpenSSL Library x86 3.0.8 | Windows |
| openssl security update(DSA-5343-1) openssl_1.1.1n-0+deb11u4_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5844-1) libssl3_3.0.2-0ubuntu1.8_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5844-1) libssl3_3.0.2-0ubuntu1.8_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5844-1) libssl3_3.0.5-2ubuntu2.1_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5844-1) libssl3_3.0.5-2ubuntu2.1_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5844-1) libssl1.1_1.1.1f-1ubuntu2.17_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5844-1) libssl1.1_1.1.1f-1ubuntu2.17_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5844-1) libssl1.1_1.1.1-1ubuntu2.1~18.04.21_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5844-1) libssl1.1_1.1.1-1ubuntu2.1~18.04.21_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5845-1) libssl1.0.0_1.0.2n-1ubuntu5.11_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-5845-1) libssl1.0.0_1.0.2n-1ubuntu5.11_amd64.deb | Linux |
| Openssl update (ELSA-2023-0946) openssl-3.0.1-47.0.1.el9_1.x86_64.rpm | Linux |
| Openssl-devel update (ELSA-2023-0946) openssl-devel-3.0.1-47.0.1.el9_1.i686.rpm | Linux |
| Openssl-devel update (ELSA-2023-0946) openssl-devel-3.0.1-47.0.1.el9_1.x86_64.rpm | Linux |
| Openssl-libs update (ELSA-2023-0946) openssl-libs-3.0.1-47.0.1.el9_1.i686.rpm | Linux |
| Openssl-libs update (ELSA-2023-0946) openssl-libs-3.0.1-47.0.1.el9_1.x86_64.rpm | Linux |
| Openssl-perl update (ELSA-2023-0946) openssl-perl-3.0.1-47.0.1.el9_1.x86_64.rpm | Linux |
| Openssl update (ELSA-2023-1335) openssl-1.0.2k-26.el7_9.x86_64.rpm | Linux |
| Openssl-devel update (ELSA-2023-1335) openssl-devel-1.0.2k-26.el7_9.i686.rpm | Linux |
| Openssl-devel update (ELSA-2023-1335) openssl-devel-1.0.2k-26.el7_9.x86_64.rpm | Linux |
| Openssl-libs update (ELSA-2023-1335) openssl-libs-1.0.2k-26.el7_9.i686.rpm | Linux |
| Openssl-libs update (ELSA-2023-1335) openssl-libs-1.0.2k-26.el7_9.x86_64.rpm | Linux |
| (RHSA-2023:1335) openssl security update openssl-1.0.2k-26.el7_9.x86_64.rpm | Linux |
| (RHSA-2023:1335) openssl security update openssl-devel-1.0.2k-26.el7_9.i686.rpm | Linux |
| (RHSA-2023:1335) openssl security update openssl-devel-1.0.2k-26.el7_9.x86_64.rpm | Linux |
| (RHSA-2023:1335) openssl security update openssl-libs-1.0.2k-26.el7_9.i686.rpm | Linux |
| (RHSA-2023:1335) openssl security update openssl-libs-1.0.2k-26.el7_9.x86_64.rpm | Linux |
| (RHSA-2023:1335) openssl security update openssl-perl-1.0.2k-26.el7_9.x86_64.rpm | Linux |
| (RHSA-2023:1335) openssl security update openssl-static-1.0.2k-26.el7_9.i686.rpm | Linux |
| (RHSA-2023:1335) openssl security update openssl-static-1.0.2k-26.el7_9.x86_64.rpm | Linux |
| SUSE-SU-2023:0794-1(Basesystem Module 15-SP4 ) python3-PyJWT-2.4.0-150200.3.6.2.noarch.rpm | Linux |
| SUSE-SU-2023:0796-1(Basesystem Module 15-SP4 ) kernel-default-5.14.21-150400.24.49.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Basesystem Module 15-SP4 ) kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Basesystem Module 15-SP4 ) kernel-default-debuginfo-5.14.21-150400.24.49.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Basesystem Module 15-SP4 ) kernel-default-debugsource-5.14.21-150400.24.49.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Basesystem Module 15-SP4 ) kernel-default-devel-5.14.21-150400.24.49.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Basesystem Module 15-SP4 ) kernel-default-devel-debuginfo-5.14.21-150400.24.49.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Development Tools Module 15-SP4 ) kernel-obs-build-5.14.21-150400.24.49.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Development Tools Module 15-SP4 ) kernel-obs-build-debugsource-5.14.21-150400.24.49.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Development Tools Module 15-SP4 ) kernel-syms-5.14.21-150400.24.49.4.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Legacy Module 15-SP4 ) reiserfs-kmp-default-5.14.21-150400.24.49.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Legacy Module 15-SP4 ) reiserfs-kmp-default-debuginfo-5.14.21-150400.24.49.3.x86_64.rpm | Linux |
| SUSE-SU-2023:0796-1(Basesystem Module 15-SP4 ) kernel-devel-5.14.21-150400.24.49.4.noarch.rpm | Linux |
| SUSE-SU-2023:0796-1(Development Tools Module 15-SP4 ) kernel-docs-5.14.21-150400.24.49.4.noarch.rpm | Linux |
| SUSE-SU-2023:0796-1(Basesystem Module 15-SP4 ) kernel-macros-5.14.21-150400.24.49.4.noarch.rpm | Linux |
| SUSE-SU-2023:0796-1(Development Tools Module 15-SP4 ) kernel-source-5.14.21-150400.24.49.4.noarch.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-doc-5.14.0-285.el9.noarch.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-devel-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-tools-5.14.0-285.el9.x86_64.rpm | Linux |
| openssl update (TU-CESAS-0005) openssl-perl-3.0.7-6.el9.x86_64.rpm | Linux |
| openssl update (TU-CESAS-0005) openssl-devel-3.0.7-6.el9.i686.rpm | Linux |
| openssl update (TU-CESAS-0005) openssl-devel-3.0.7-6.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-headers-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-modules-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-uki-virt-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-tools-libs-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-devel-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-modules-core-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-devel-matched-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-modules-extra-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-uki-virt-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-modules-core-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-devel-matched-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-modules-extra-5.14.0-285.el9.x86_64.rpm | Linux |
| openssl update (TU-CESAS-0006) openssl-3.0.7-6.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0006) kernel-core-5.14.0-285.el9.x86_64.rpm | Linux |
| openssl update (TU-CESAS-0006) openssl-libs-3.0.7-6.el9.i686.rpm | Linux |
| openssl update (TU-CESAS-0006) openssl-libs-3.0.7-6.el9.x86_64.rpm | Linux |
| python3 update (TU-CESAS-0006) python3-perf-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0006) kernel-debug-core-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0006) kernel-debug-modules-5.14.0-285.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0006) kernel-abi-stablelists-5.14.0-285.el9.noarch.rpm | Linux |
| Openssl update (ELSA-2023-1405) openssl-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| Openssl-devel update (ELSA-2023-1405) openssl-devel-1.1.1k-9.el8_7.i686.rpm | Linux |
| Openssl-devel update (ELSA-2023-1405) openssl-devel-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| Openssl-libs update (ELSA-2023-1405) openssl-libs-1.1.1k-9.el8_7.i686.rpm | Linux |
| Openssl-libs update (ELSA-2023-1405) openssl-libs-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| Openssl-perl update (ELSA-2023-1405) openssl-perl-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| openssl security and bug fix update (RLSA-2023:0946) openssl-3.0.1-47.el9_1.x86_64.rpm | Linux |
| openssl security and bug fix update (RLSA-2023:0946) openssl-libs-3.0.1-47.el9_1.i686.rpm | Linux |
| openssl security and bug fix update (RLSA-2023:0946) openssl-libs-3.0.1-47.el9_1.x86_64.rpm | Linux |
| openssl security and bug fix update (RLSA-2023:0946) openssl-perl-3.0.1-47.el9_1.x86_64.rpm | Linux |
| openssl security and bug fix update (RLSA-2023:0946) openssl-devel-3.0.1-47.el9_1.i686.rpm | Linux |
| openssl security and bug fix update (RLSA-2023:0946) openssl-devel-3.0.1-47.el9_1.x86_64.rpm | Linux |
| openssl security update (RLSA-2023:1405) openssl-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| openssl security update (RLSA-2023:1405) openssl-libs-1.1.1k-9.el8_7.i686.rpm | Linux |
| openssl security update (RLSA-2023:1405) openssl-libs-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| openssl security update (RLSA-2023:1405) openssl-perl-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| openssl security update (RLSA-2023:1405) openssl-devel-1.1.1k-9.el8_7.i686.rpm | Linux |
| openssl security update (RLSA-2023:1405) openssl-devel-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| (RHSA-2023:1405) openssl security update openssl-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| (RHSA-2023:1405) openssl security update openssl-debugsource-1.1.1k-9.el8_7.i686.rpm | Linux |
| (RHSA-2023:1405) openssl security update openssl-debugsource-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| (RHSA-2023:1405) openssl security update openssl-devel-1.1.1k-9.el8_7.i686.rpm | Linux |
| (RHSA-2023:1405) openssl security update openssl-devel-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| (RHSA-2023:1405) openssl security update openssl-libs-1.1.1k-9.el8_7.i686.rpm | Linux |
| (RHSA-2023:1405) openssl security update openssl-libs-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| (RHSA-2023:1405) openssl security update openssl-perl-1.1.1k-9.el8_7.x86_64.rpm | Linux |
| (RHSA-2023:2932) edk2 security update edk2-ovmf-20220126gitbb1bba3d77-4.el8.noarch.rpm | Linux |
| SUSE-SU-2023:0305(Legacy Module 15-SP4 ) libopenssl1_0_0-hmac-1.0.2p-150000.3.65.1.x86_64.rpm | Linux |
| Edk2-ovmf update (ELSA-2023-2932) edk2-ovmf-20220126gitbb1bba3d77-4.el8.noarch.rpm | Linux |
| SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) wayland-devel-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-egl1-99~1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-client0-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-cursor0-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-server0-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) wayland-debugsource-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) wayland-devel-debuginfo-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-client0-32bit-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-server0-32bit-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-egl1-debuginfo-99~1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-client0-debuginfo-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-cursor0-debuginfo-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-server0-debuginfo-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-client0-32bit-debuginfo-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-server0-32bit-debuginfo-1.19.0-150400.3.3.1.x86_64.rpm | Linux |
| An open-source, cross-platform JavaScript runtime environment. (USN-6564-1) nodejs_12.22.9~dfsg-1ubuntu3.3_amd64.deb | Linux |
| An open-source, cross-platform JavaScript runtime environment. (USN-6564-1) libnode72_12.22.9~dfsg-1ubuntu3.3_amd64.deb | Linux |
| An open-source, cross-platform JavaScript runtime environment. (USN-6564-1) libnode-dev_12.22.9~dfsg-1ubuntu3.3_amd64.deb | Linux |
| (RHSA-2023:1335)Important: security update openssl-debuginfo-1.0.2k-26.el7_9.i686.rpm | Linux |
| (RHSA-2023:1335)Important: security update openssl-debuginfo-1.0.2k-26.el7_9.x86_64.rpm | Linux |
| Openssl-perl update (ELSA-2024-9333) openssl-perl-3.2.2-6.0.1.el9_5.x86_64.rpm | Linux |
| Openssl-libs update (ELSA-2024-9333) openssl-libs-3.2.2-6.0.1.el9_5.x86_64.rpm | Linux |
| Openssl-libs update (ELSA-2024-9333) openssl-libs-3.2.2-6.0.1.el9_5.i686.rpm | Linux |
| Openssl-fips-provider-so update (ELSA-2024-9333) openssl-fips-provider-so-3.0.7-6.0.1.el9_5.x86_64.rpm | Linux |
| Openssl-fips-provider update (ELSA-2024-9333) openssl-fips-provider-3.0.7-6.0.1.el9_5.x86_64.rpm | Linux |
| Openssl-fips-provider update (ELSA-2024-9333) openssl-fips-provider-3.0.7-6.0.1.el9_5.i686.rpm | Linux |
| Openssl-devel update (ELSA-2024-9333) openssl-devel-3.2.2-6.0.1.el9_5.x86_64.rpm | Linux |
| Openssl-devel update (ELSA-2024-9333) openssl-devel-3.2.2-6.0.1.el9_5.i686.rpm | Linux |
| Openssl update (ELSA-2024-9333) openssl-3.2.2-6.0.1.el9_5.x86_64.rpm | Linux |
| Compat-openssl10 update (ELSA-2025-7895) compat-openssl10-1.0.2o-4.el8_10.1.x86_64.rpm | Linux |
| Compat-openssl10 update (ELSA-2025-7895) compat-openssl10-1.0.2o-4.el8_10.1.i686.rpm | Linux |
| (RHSA-2025:7895)Important: security update compat-openssl10-1.0.2o-4.el8_10.1.x86_64.rpm | Linux |
| (RHSA-2025:7895)Important: security update compat-openssl10-1.0.2o-4.el8_10.1.i686.rpm | Linux |
| (RHSA-2025:7937)Important: security update compat-openssl11-1.1.1k-5.el9_6.1.x86_64.rpm | Linux |
| (RHSA-2025:7937)Important: security update compat-openssl11-1.1.1k-5.el9_6.1.i686.rpm | Linux |
| Compat-openssl11 update (ELSA-2025-7937) compat-openssl11-1.1.1k-5.el9_6.1.x86_64.rpm | Linux |
| Compat-openssl11 update (ELSA-2025-7937) compat-openssl11-1.1.1k-5.el9_6.1.i686.rpm | Linux |
| Important: compat-openssl10 security update compat-openssl10-1.0.2o-4.el8_10.1.x86_64.rpm | Linux |
| Important: compat-openssl10 security update compat-openssl10-1.0.2o-4.el8_10.1.i686.rpm | Linux |
| Important: compat-openssl11 security update compat-openssl11-1.1.1k-5.el9_6.1.x86_64.rpm | Linux |
| Important: compat-openssl11 security update compat-openssl11-1.1.1k-5.el9_6.1.i686.rpm | Linux |
| Vulnerabilities CVE-2023-0286,CVE-2023-23931 are fixed in Python-cryptography for linux 39.0.1 | Linux |
| Access of Resource Using Incompatible Type (Type Confusion) Vulnerability (CVE-2023-0286) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-355449 | OpenSSL (3.6.1) |
| PATCH-355451 | OpenSSL Light (3.6.1) |
| PATCH-355452 | OpenSSL Light (x64) (3.6.1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234